February 15, 2013

Every time you purchase an app on Google Play, your name, address and email is passed on to the developer

Every time you purchase an app on Google Play, your name, address and email is passed on to the developer. The "flaw" - which appears to be by design - was discovered by Sydney app developer, Dan Nolan.news.com.au reports.

Let me make this crystal clear, every App purchase you make on Google Play gives the developer your name, suburb and email address with no indication that this information is actually being transferred," Nolan wrote on his blog.

"With the information I have available to me through the checkout portal I could track down and harass users who left negative reviews or refunded the app purchase."

With Google customers' details just sitting in developers accounts, all it would take is a half decent piece of malware software for that information to be accessed. These personal details could then be used to access the users' bank details.

That's also more than enough information to be able to access your other devices which could also be mined for more data - insurance information, other credit cards - which could then be used to access your banking credentials.

Mr Nolan told News.com.au that tens of millions of Google customers could be affected.